contact us

Webinars

Risk is a Board Game – Navigating Board Conversations on Cybersecurity Risk

You’ve gotten what you wished for. Cybersecurity and cyber risk are now board-level issues. Whatever barriers that once existed between business and security have disappeared, and your board is expecting a meaningful conversation on the topic. After all, board members can be held personally liable for business disruptions caused by security issues. Depending on how often these conversations occur, it’s probably safe to assume that the board has a) forgotten what you told them in the last meeting, and, b) wishes you framed your reporting in more of a business context, especially if they don’t have an IT or security background. In this webinar, we’ll be chatting with Ed Amoroso, former CISO for AT&T and founder and CEO of TAG Cyber. Ed’s extensive experience interacting with board members and recent publications on the topic will serve as the backdrop for walking through a few of his favorite questions that board members should be asking you about cybersecurity risk, and how you can go about providing answers that matter.

Watch Now

Getting Off the Threat & Vulnerability Management Treadmill

Organizations “know” what they need to do. They scan, find piles of vulnerabilities, then rush to patch. But low and behold, they aren’t sure that their patching efforts are improving their security posture, and with patch tickets accumulating at an alarming rate, they fall further and further behind. Why? What’s wrong? Unfortunately, Security and IT teams often find themselves in this unenviable position. The good news is that there’s a movement afoot that can rescue them. In this session you will learn how a risk-based approach to vulnerability management reduces vulnerability fatigue while improving workflow efficiency and personnel productivity in a truly measurable way.

Watch Now

Taming the Security Data Tsunami

Today’s security and IT teams are suffocating under an avalanche of security data. The sheer volume of the data, along with its multiple origins in siloed systems all but guarantee that it lacks context, meaning, and is difficult to make actionable. Learn how RiskSense harnesses the vulnerability data you have, adds context with threat intel, and incorporates business asset criticality as well as pen test findings to tame your security data tsunami.

Watch Now

Predictive Intelligence: Vulnerability Weaponization and Exploitation

The key to effectively reducing the attack surface is remediating exactly the right vulnerability or weakness that will be used by the adversary. While the idea is simple enough, executing on it has proven to be one of the largest challenges facing enterprises. The impact of this lack of visibility into the attacker journey is that vulnerability remediation strategies are likely unaligned, and therefore ineffective. There’s no data that supports the hypothesis to align early weaponization to breaches, which makes it hard to know when it is the ideal time to fix the vulnerability or weakness. Vulnerability prioritization and weaponization prediction must be fueled with data and domain expertise. Fixing thousands of vulnerabilities is not enough. We need to make sure we are fixing the right vulnerabilities, at the right time. This presentation will be given by Dr. Srinivas Mukkamala, Co-Founder and CEO of RiskSense. RiskSense’s team was the first to predict WannaCry and has since released Koadic Post Exploitation Command & Control.

Watch Now

Top 10 Tips for Selecting a Threat and Vulnerability Management Solution

With all the news about cyberattacks, it’s easy to feel like there aren’t enough people to cover all of the security bases. This means proper identification and management of threats and vulnerabilities is an absolute necessity to keep risk at its lowest levels. Join David Monahan, managing research director at leading IT analyst firm Enterprise Management Associates (EMA), and John Dasher of RiskSense, to learn why a threat and vulnerability management solution is a must have for your security portfolio.

Watch Now

Piecing Together IoT Risk from Flexible & Fractured Design Components

How do you handle risk assessment and vulnerability management for IoT when multiple security patterns need assessment? There is a new frontier for security that requires breaking conventional control and mitigation assumptions before a Frankenmonster rises from your IoT project. In this webinar, RiskSense CEO and Co-Founder Dr. Srinivas Mukkamala will discuss: 1) The assessment of chaining together multiple vulnerabilities and the potential exploit path through flexible and fractured design components for IoT. 2) Consideration for dynamically changing devices and utilization models that break traditional security and risk assessments. 3) IoT risk and the growing need to incorporate threat data, unintentional device use-cases, and the mechanisms to keep constant control of the devices themselves.

Watch Now

Do More to Safeguard Your Election Systems

In June 2018, Congress authorized $380 million in federal funding for states to improve and enhance election security. Do you have a plan to take full advantage your allotted funding? While the priorities for states differ, many experts are recommending careful consideration of cybersecurity improvements as your top priority. RiskSense would like to invite you to join us this webinar titled “Do More to Safeguard Your Election Systems”. In this presentation we will discuss how to improve the security of your election systems, voter registration, and vote tabulation systems. We will suggest industry best practices to establish a more secure, scalable, and more sustainable approach to improving your state’s election security.

Watch Now

No Safe Harbors: Charting a Smarter Course

Is the status quo really an option? What do maritime stakeholders (shipping companies, terminal operators, cruise lines, port authorities) need to do to prevent, prepare for and respond to the next attack on the horizon? To coin an old adage that has been used in many sports discussions and is also known as a principal of war, “The best defense is a good offense” This webinar will demonstrate tools and resources that maritime stakeholders can utilize to be Proactive and control their cyber risk. This webinar, focused on maritime operations, will provide unique insights of the recent cyber events and emerging threats. We will also: Discuss nationally-recognized solutions and management approaches that can lead your organization to a proactive and predictive posture with a Cyber Risk Management strategy, include experts from a “bench” of cybersecurity experts that are recognized internationally for their knowledge and skills, demonstrate our Cyber Risk Management platform that can give you the “Situational Analysis and Awareness” that you need in today’s rapidly expanding and complex environment, and learn how we can provide you the same resources that the Department of Defense, NASA, and other federal agencies use and trust, with RiskSense. Attending this webinar will provide you and your staff valuable insights and offer a course of action that can be a game changer for all maritime organizations.

Watch Now

Vulnerability Management in the Age of the Incident – RiskSense Best Practices Webinar Series

In this Best Practices Webinar, RiskSense CTO Danny Quist will dive into how organizations can reduce incident response costs with proactive vulnerability management. Security patches are an expensive undertaking for an organization, however, the positive impacts outweigh the negative. This webinar will provide a framework for you to help make the case for fast patching, remediation, and improved security. Danny will provide tools, techniques, and processes to reduce the number of security incidents at your organization, and save a substantial amount of money.

Watch Now
Data-Driven Prioritization:The Role of AI in Vulnerability and Threat Management

Data-Driven Prioritization:The Role of AI in Vulnerability and Threat Management

The conventional approach to vulnerability and threat management is rapidly changing to a data-driven strategy in which remediation efforts are targeted to individual vulnerabilities based on their exploitability, exploit pulse, and environment. This approach will revolutionize vulnerability management especially in the remediation of most common vulnerabilities that are frequently exploited but its success depends on the availability of reliable data, which can have many biases and uncertainties. Weaponization analysis can be used for early warning, diagnosis, remediation prioritization, and prescriptive information on what to fix and how to fix vulnerabilities that matter. While many vulnerabilities are identified, a few prove to be successful for attackers. In this talk we will present how AI will play a key role to ensure remediation recommendations that are targeted for vulnerabilities that is exploitable.

Watch Now
What Your Vulnerability Scanner is Not Telling You - RiskSense Best Practices Webinar Series

What Your Vulnerability Scanner is Not Telling You – RiskSense Best Practices Webinar Series

A recent, significant data breach in 2017 has caused people to take a deeper look into Apache Struts vulnerabilities. This weakness emphasized the impending risks for Apache Struts-based applications. Even today, scanners do not detect all known vulnerabilities. As of November 2017, the leading scanners still missed 14 total unique Common Vulnerabilities and Exposures (CVEs). In this webinar, we will analyze Apache Struts-related vulnerability weaponization patterns spanning the last decade. We will also provide insight into exploit patterns through a live exploit demonstration and explain how these patterns can define an organization’s risk management strategy. Hear from RiskSense’s Anand Paturi (VP of Research and Development) and Barry Cogan (Senior Security Analyst) as they guide us through the live demonstration and provide insights into exploit patterns and how attacks can be avoided.

Watch Now

How the State of Arizona Took a Proactive Stance to Optimize Cyber Risk Management

In this webinar, Morgan Reed (CIO) and Mike Lettman (CISO) from the State of Arizona will discuss with RiskSense CEO Srinivas Mukkamala a case study on how the State of Arizona has implemented a proactive cyber risk management program that uses a credit score like model for assessing threats and remediating those that matter most. Mr. Reed, Mr. Lettman, and Dr. Mukkamala will continue and expand on their conversation initially started during a learning lounge panel at this year’s 2017 NASCIO Conference. They will dive into the details of how their risk management approach has enabled IT to better measure and communicate risk to business leaders, and strategically focus on the most imminent cyber vulnerabilities in their environment.

Watch Now
Machine Against Machine: The New Cyber Security Paradigm - RiskSense Best Practices Webinar Series

Machine Against Machine: The New Cyber Security Paradigm – RiskSense Best Practices Webinar Series

Are we prepared to deal with malevolent AI? Artificial Intelligence (AI) can bolster defenses by analyzing vast volumes of data and assist cyber security professionals the converse is true as well; malevolent AI can assist hackers find their targets faster and launch attacks faster. Finding effective vulnerability threat pairs is difficult for multiple reasons. In an asymmetric war defenders have to know all possible vulnerability threat pairs, while an attacker will get away by knowing just a few successful ones. Our goal is to achieve a proof of principle for how we can predict successful vulnerability threat combinations using AI, without the need to brute force thousands of combinations. In this webinar, RiskSense CEO Srinivas Mukkamala will discuss with RiskSense Security Researchers Sean Dillon and Ben Mixon-Baca a recent case study where the combination of human expertise and Artificial Intelligence (AI) was able to mimic a human hacker to find vulnerable threat pairs and launch exploits at a tremendous scale.

Watch Now
Cyber Risk Management: What's Holding Us Back? - RiskSense Best Practices Webinar Series

Cyber Risk Management: What’s Holding Us Back? – RiskSense Best Practices Webinar Series

Over the past year, cyber risk management has gained a lot of attention in the media and among practitioners. Even though risk management has been proven to optimize business performance and lead to better investment decisions, many organizations have still not adopted this concept when it comes to their enterprise security model. This webinar will examine the obstacles that are preventing organizations from implementing cyber risk management and how they can be overcome.

Watch Now

Slaying the Paper Dragon: Risk on Paper vs. Real Risk

Many organizations’ vulnerability management efforts are designed to slay the paper dragon – focusing on vulnerabilities that pose a high risk in theory. Yet analysis of real world threat actors and their tactics, techniques, and procedures, as well as the vulnerabilities associated with these, demonstrate that this approach only reduces risk on paper. Vulnerability management is not a game of solitaire – there is an adversary dictating the rules of engagement – and the only aspect you control is the battlefield itself, your environment. In this webinar renown cyber security expert, Dr. Danny Quist, discusses how measuring risk posture and vulnerability criticality change once threat intelligence and risk modelling are taken into account, and how the strategic mitigation of these vulnerabilities can effectively harden your attack surface and reduce your true risk.

Watch Now
How Continuous Cyber Risk Scoring Helps State and Local Governments Tackle Today's Dynamic Threat Landscape

How Continuous Cyber Risk Scoring Helps State and Local Governments Tackle Today’s Dynamic Threat Landscape

Many cyber security professionals in the state and local government community are still grappling with how to implement a continuous cyber defense program that improves their information security posture and ensures compliance with NIST and other relevant guidance (i.e., FISMA, FedRAMP). Considering the massive volume of assets, associated controls, and vulnerabilities that agencies must deal with under a continuous diagnostics concept, they often lack the resources to handle the aggregation, normalization, and correlation of this data. This results in lengthy remediation cycles. In this webinar, Mike Lettman, Chief Information Security Officer at the Arizona Strategic Enterprise Technology Office of the State of Arizona, and Dr. Srinivas Mukkamala, renown cyber security expert and CEO of RiskSense, will illustrate how state and local government agencies can leverage a continuous cyber risk score to pro-actively discover and address cyber security gaps based on the risk they pose to their mission.

Watch Now
AI-Based Hacking and Defenses in a World of an Ever-Growing Attack Surface

AI-Based Hacking and Defenses in a World of an Ever-Growing Attack Surface

The adoption of Internet of Things (IoT), Software-Defined Networks, and Microservices without proper security controls have created a broader attack surface for cyber adversaries, whereby a few infiltration vectors account for most compromises while facing less common and hard to detect infiltration vectors. In this context, Artificial Intelligence (AI) can bolster defenses by analyzing vast volumes of data and assist cyber security professionals in their day-to-day operations. However, the same tools can be leveraged by hackers to find their targets faster and launch attacks quicker to disrupt business operations and attack industrial controls. In this webinar, renowned cyber security expert Dr. Srinivas Mukkamala will discuss how “malicious AI” could make today’s “cyber carnage” even worse. He will share result from a research study that RiskSense conducted to illustrate how human expertise in combination with AI can be leveraged to mimic a human hacker to find vulnerable threat pairs and launch exploits at scale. Dr. Mukkamala will also discuss how to transition from the traditional human expert model to an AI-based interactive, and iterative model to defend against machine-driven high frequency attacks.

Watch Now
Tackling Today’s Threat Landscape by Visualizing Cyber Risk

Tackling Today’s Threat Landscape by Visualizing Cyber Risk

How can we better visualize cyber risk as to understand our systemic susceptibility and its relevance to the business? Defining the role and extent of cyber risk in business operations in today’s environment is important not only for the board in terms of compliance and governance, but also for the IT team in understanding the business criticality of IT assets and prioritization for remediation efforts. This on-demand webcast will explain how organizations can operationalize cyber risk management and implement a pro-active, rather than reactive, approach to threat prevention, detection and response.

Watch Now
Taking Control: New Threats Call for Comprehensive Cyber Risk Management

Taking Control: New Threats Call for Comprehensive Cyber Risk Management

Security is a top priority for nearly every organization, and most organizations work hard to keep critical data safe. But threats are changing and too often, the best defensive efforts are falling short. There is simply too much information — both internal and external — for security professionals to keep up. In this webcast, renown cyber security expert Dr. Srinivas Mukkamala will outline the challenges posed by today’s dynamic threat landscape and explore how companies can operationalize their cyber risk management practices and implement a pro-active, rather than reactive, approach to cyber risk detection, prevention, and response.

Watch Now

The New Enterprise Security Model: Cyber Risk Management

One of the biggest challenges in cyber security today is how to manage the volume, velocity, and complexity of data generated by the myriad of IT security tools. The feeds from these disconnected, siloed tools must be analyzed, normalized, and remediation efforts prioritized. The more tools, the more difficult the challenge. This security model requires legions of staff to comb through huge amounts of data to connect the dots and find the needle in the haystack. These efforts can take months, during which time attackers can exploit vulnerabilities and extract data. Rather than adding more tools, organizations need to implement a new, more efficient enterprise security model. According to analyst firm Gartner, cyber risk management that uses intelligence-driven analytics can help organizations operationalize cyber security practices, break down silos, and enhance security operations tasks through automation. This webcast explores the emerging discipline of intelligence-driven cyber risk management as a response to the mounting cyber-attacks, advanced persistent threats, and insider leaks. It outlines not only today’s cyber security challenges, but provides practical advice of how to operationalize an organization’s cyber security practices across a growing attack surface.

Watch Now
Cyber Security Trends 2016: The Most Important Insights in Security

Cyber Security Trends 2016: The Most Important Insights in Security

According to Gartner, organizations will spend approximately $92 billion in IT Security in 2016. Despite these investments, we hear about new data breaches almost on a daily basis which makes securing the growing attack surface more important than ever. Thus, staying abreast of the latest emerging trends in cyber security is essential when aligning your information security plans. In this session, renowned cyber security expert Dr. Srinivas Mukkamala will explore emerging trends in network security, covering topics such as big data in security, threat and business intelligence as factors to determine cyber risk exposure, and the role of human-guided machine learning in orchestrating remediation actions.

Watch Now
Manage Cyber Risk: How to Identify, Quantify, and Remediate Threats

Manage Cyber Risk: How to Identify, Quantify, and Remediate Threats

While organizations spend huge sums of money every year to maintain a security perimeter designed to fend off cyber and insider threats, reports about breaches at organizations such as Hyatt, DNC, Twitter, and SWIFT are raising doubts about the effectiveness of these investments. In turn, cyber security insurance has emerged as a stop-gap to protect stakeholders from the shortcomings of siloed risk management processes. However, insurance policies are not a replacement for improving a company’s cyber security posture. In this session, renowned cyber security expert Dr. Srinivas Mukkamala will outline the challenges posed by today’s dynamic threat landscape. He will explain how organizations can operationalize cyber risk management and implement a pro-active, rather than reactive, approach to threat prevention, detection and response. Dr. Mukkamala will reveal best practices in how to identify, quantify, and remediate imminent cyber risk across a growing attack surface.

Watch Now